Merge pull request #17136 from asgerf/js/shared-dataflow-bump

JS: Merge 'main' into shared dataflow branch

Author: asgerf

javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll

@@ -301,7 +301,7 @@ newtype TDataFlowType =
   TAnyType()
 
 class DataFlowType extends TDataFlowType {
-  string toString() {
+  string toDebugString() {
     this instanceof TFunctionType and
     result =
       "TFunctionType(" + this.asFunction().toString() + ") at line " +
@@ -310,6 +310,10 @@ class DataFlowType extends TDataFlowType {
     this instanceof TAnyType and result = "TAnyType"
   }
 
+  string toString() {
+    result = "" // Must be the empty string to prevent this from showing up in path explanations
+  }
+
   Function asFunction() { this = TFunctionType(result) }
 }
 

javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll

@@ -126,6 +126,8 @@ module VariableCaptureConfig implements InputSig<js::DbLocation> {
     )
   }
 
+  class ControlFlowNode = js::ControlFlowNode;
+
   class BasicBlock extends js::BasicBlock {
     Callable getEnclosingCallable() { result = this.getContainer().getFunctionBoundary() }
   }

javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ExceptionXss.expected

@@ -104,22 +104,22 @@ edges
 | exception-xss.js:33:19:33:21 | foo | exception-xss.js:33:11:33:22 | ["bar", foo] | provenance |  |
 | exception-xss.js:34:11:34:11 | e | exception-xss.js:35:18:35:18 | e | provenance |  |
 | exception-xss.js:38:16:38:16 | x | exception-xss.js:39:9:39:9 | x | provenance |  |
-| exception-xss.js:39:9:39:9 | x | exception-xss.js:39:3:39:10 | exceptional return of deep2(x) | provenance |  |
+| exception-xss.js:39:9:39:9 | x | exception-xss.js:39:3:39:10 | exceptional return of deep2(x) | provenance | Config |
 | exception-xss.js:39:9:39:9 | x | exception-xss.js:41:17:41:17 | x | provenance |  |
 | exception-xss.js:41:17:41:17 | x | exception-xss.js:42:9:42:9 | x | provenance |  |
 | exception-xss.js:42:9:42:9 | x | exception-xss.js:4:17:4:17 | x | provenance |  |
 | exception-xss.js:42:9:42:9 | x | exception-xss.js:42:3:42:10 | exceptional return of inner(x) | provenance | Config |
 | exception-xss.js:46:3:46:19 | exceptional return of deep("bar" + foo) | exception-xss.js:47:11:47:11 | e | provenance |  |
 | exception-xss.js:46:8:46:18 | "bar" + foo | exception-xss.js:38:16:38:16 | x | provenance |  |
-| exception-xss.js:46:8:46:18 | "bar" + foo | exception-xss.js:46:3:46:19 | exceptional return of deep("bar" + foo) | provenance |  |
+| exception-xss.js:46:8:46:18 | "bar" + foo | exception-xss.js:46:3:46:19 | exceptional return of deep("bar" + foo) | provenance | Config |
 | exception-xss.js:46:16:46:18 | foo | exception-xss.js:46:8:46:18 | "bar" + foo | provenance |  |
 | exception-xss.js:47:11:47:11 | e | exception-xss.js:48:18:48:18 | e | provenance |  |
 | exception-xss.js:74:28:74:28 | x | exception-xss.js:75:10:75:10 | x | provenance |  |
 | exception-xss.js:75:10:75:10 | x | exception-xss.js:4:17:4:17 | x | provenance |  |
 | exception-xss.js:75:10:75:10 | x | exception-xss.js:75:4:75:11 | exceptional return of inner(x) | provenance | Config |
 | exception-xss.js:81:3:81:19 | exceptional return of myWeirdInner(foo) | exception-xss.js:82:11:82:11 | e | provenance |  |
 | exception-xss.js:81:16:81:18 | foo | exception-xss.js:74:28:74:28 | x | provenance |  |
-| exception-xss.js:81:16:81:18 | foo | exception-xss.js:81:3:81:19 | exceptional return of myWeirdInner(foo) | provenance |  |
+| exception-xss.js:81:16:81:18 | foo | exception-xss.js:81:3:81:19 | exceptional return of myWeirdInner(foo) | provenance | Config |
 | exception-xss.js:82:11:82:11 | e | exception-xss.js:83:18:83:18 | e | provenance |  |
 | exception-xss.js:89:11:89:13 | foo | exception-xss.js:89:11:89:26 | foo.match(/foo/) | provenance |  |
 | exception-xss.js:89:11:89:26 | foo.match(/foo/) | exception-xss.js:90:11:90:11 | e | provenance | Config |

javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected

@@ -19,10 +19,10 @@ edges
 | build-leaks.js:21:11:26:5 | stringifed [process.env] | build-leaks.js:30:22:30:31 | stringifed [process.env] | provenance |  |
 | build-leaks.js:21:24:26:5 | {\\n      ... )\\n    } [process.env] | build-leaks.js:21:11:26:5 | stringifed [process.env] | provenance |  |
 | build-leaks.js:22:24:25:14 | Object. ...  }, {}) | build-leaks.js:21:24:26:5 | {\\n      ... )\\n    } [process.env] | provenance |  |
-| build-leaks.js:22:36:22:38 | raw | build-leaks.js:22:24:25:14 | Object. ...  }, {}) | provenance |  |
+| build-leaks.js:22:36:22:38 | raw | build-leaks.js:22:24:25:14 | Object. ...  }, {}) | provenance | Config |
 | build-leaks.js:22:36:22:38 | raw | build-leaks.js:22:49:22:51 | env | provenance | Config |
 | build-leaks.js:22:36:22:38 | raw | build-leaks.js:23:39:23:41 | raw | provenance |  |
-| build-leaks.js:22:36:22:38 | raw | build-leaks.js:25:12:25:13 | [post update] {} | provenance |  |
+| build-leaks.js:22:36:22:38 | raw | build-leaks.js:25:12:25:13 | [post update] {} | provenance | Config |
 | build-leaks.js:22:49:22:51 | env | build-leaks.js:24:20:24:22 | env | provenance |  |
 | build-leaks.js:22:49:22:51 | env | build-leaks.js:24:20:24:22 | env | provenance |  |
 | build-leaks.js:23:13:23:15 | [post update] env | build-leaks.js:22:49:22:51 | env | provenance |  |